About the Web Services Stack

Web services are distributed applications developed using open
technologies such as eXtensible Markup Language (XML), SOAP, and HyperText
Transfer Protocol (HTTP). Enterprises use these technologies as a
mechanism for allowing their applications to cross network boundaries
and communicate with those of their partners, customers and suppliers.
Towards this end, OpenSSO Enterprise implements the Liberty Alliance Project Identity-Web Service
Framework (Liberty ID-WSF) 1.1 specifications, designed to operate in
concert with the Liberty Alliance Project Identity-Federation Framework (Liberty ID-FF).
The implementation of the Liberty ID-WSF 1.1 specifications uses a servlet
framework into which identity-based web services can be plugged and
leveraged for security. Tools and API are also provided for identity
providers to develop new web services and for service providers to
consume both default and custom web services. Furthermore, OpenSSO Enterprise provides
the necessary hooks to integrate an existing enterprise infrastructure
with the Liberty Alliance Project—based infrastructure. Figure 12–1 illustrates the design of the Liberty ID-WSF framework.

Figure 12–1 Web Services Stack Design

Any custom web service developed with the Liberty ID-WSF must register
with the SOAP Binding Service which provides validation of SOAP messages and generates
the OpenSSO Enterprise session token for client authorization. Bootstrapping of
the Web Services Stack is accomplished by using the Discovery Service to find
a resource offering for an authenticated user.
(A resource offering defines an association between
a type of identity data and a URI to a WSDL file that provides information
about obtaining access to the data. The web service provider must
also register the web service's resource offering with the Discovery Service before
offering services.) OpenSSO Enterprise supports bootstrapping using SAML v2, Liberty ID-FF,
or the Authentication Web Service.